Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2020/09/25 12:0 a.m.54 views

Debian DSA-4766-1 : rails - security update

Multiple security issues were discovered in the Rails web framework which could result in cross-site scripting, information leaks, code execution, cross-site request forgery or bypass of upload limits. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

9.8CVSS6.7AI score0.45732EPSS
Exploits9References9
Debian
Debian
added 2020/09/24 8:50 p.m.164 views

[SECURITY] [DSA 4766-1] rails security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4766-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 24, 2020 https://www.debian.org/security/faq -...

9.8CVSS8AI score0.45732EPSS
Exploits9
OpenVAS
OpenVAS
added 2020/06/29 12:0 a.m.30 views

Ruby on Raily < 5.2.4.3, 6.x < 6.0.3.1 Multiple Vulnerabilities - Linux

Ruby on Rails is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rubyonrails:rails";...

9.8CVSS7.6AI score0.45732EPSS
Exploits8References5
CVE
CVE
added 2020/06/19 5:2 p.m.143 views

CVE-2020-8162

CVE-2020-8162 affects Rails ActiveStorage’s S3 direct-upload functionality. The issue arises from client-side enforcement that bypasses server-side upload-size limits by changing the Content-Length of the direct upload URL. Impacted products/versions include Rails &lt; 5.2.4.2 and Rails

7.5CVSS7.2AI score0.03065EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2020/06/02 2:53 p.m.36 views

CVE-2020-8162

A flaw was found in rubygem-activestorage. The ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be modified by an end user. The highest threat from this vulnerability is to data integrity...

5CVSS2.4AI score0.03065EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2020/05/20 12:0 a.m.37 views

FreeBSD : Rails -- multiple vulnerabilities (85fca718-99f6-11ea-bf1d-08002728f74c)

Ruby on Rails blog : Hi everyone! Rails 5.2.4.3 and 6.0.3.1 have been released! These releases contain important security fixes, so please upgrade when you can. Both releases contain the following fixes : CVE-2020-8162: Circumvention of file size limits in ActiveStorage CVE-2020-8164: Possible...

9.8CVSS6.9AI score0.45732EPSS
Exploits9References12
Rows per page
Query Builder